I am running IIS 8.5 on a Windows 2012 R2 Core box. I created a new application pool called "MyNewAppPool". I have a website instance, called "MyNewWebsite.com" running in the "MyNewAppPool" application pool. The Identity used for "MyNewAppPool" is "ApplicationPoolIdentity".
It is my understanding that I can assign security permissions for application pools in IIS 8.5 by using the auto-generated local virtual accounts, which will be named "IIS AppPool\{Application Pool Name}".
So, in Windows Explorer on the "MyNewWebsite.com" directory, I should be able to assign read/write permissions for the virtual user account "IIS AppPool\MyNewAppPool". I cannot find this user account to assign any permissions to. I am searching the local computer location and not the whole domain. I can find the "IIS AppPool\DefaultAppPool" account, however I don't want to run MyNewWebsite.com under the DefaultAppPPool, I want to run it under the MyNewAppPool application pool.
Can anyone please tell me why I don't can't find the auto-generated virtual account for MyNewAppPool?
You won't ever find the synthesised application pool identity in the permissions search dialogue. Just type in the name of the pool identity like this:
Via GUI:
The click the Check Names button:
Via Command Line:
Alternatively you can use ICACLS
from an administrator command line/Powershell:
icacls c:\wwwroot\mysite /grant "IIS AppPool\MyNewAppPool":(CI)(OI)(M)